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DETAILED ACTION 



1. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
February 17, 2006 has been entered. 

2. Claims 1-3, 8-9, 1 1-16, 19, 23-25 and 34-50 are pending. 

Response to Arguments 

3. Applicant's arguments filed 2/1 7/06 have been fully considered but they are not 
persuasive. In response to the arguments concerning the previously rejected claims, the 
following comments are made: 

Regarding claims 1, 12, 23 and 34, the Applicant argues Stoltz et al. (U.S. Patent 
6,615,264; hereinafter Stoltz) "the Applicant's invention defines a first token is converted 
to an authenticated token. The authenticated token incorporates a user's identity and 
has a different content from the first token". The Applicant teaches "converting a first 
token into an authenticated token" in the specification (Figure 2; Page 7, paragraph 1) 
as "a user may access a session by authenticating the user's identity and an 
authenticated token for the user is created and the user is granted access to the 
session". Stoltz discloses an authentication module that verifies the challenge response 
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with user information retained in authentication database. When the user is 
authenticated, the user is eventually be given access to a session. (Col. 9, lines 26-40) 
Furthermore, Stoltz teaches if authentication is successful processing continues to send 
an N_AUTHENTICATE command. The format of the command contains code identifier 
length, to indicate that the user was successfully authenticated. (Figure 5A-5B; Col. 19, 
lines 5-25; which is equivalent to an authenticated token with a different content from 
the first token). Then the user is connected on one of the user's session. 

The Applicantargued each token wouldn't convert to a common token this in turn 
result in associating each token with it's own session. The Examiner would like to point 
out only the first token not each token is converted to an authenticated token as per 
claims 1, 12, 23 and 34. 

In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., "useless for a user who misplaced a particular token and tried to access a desired 
session with a different token) are not recited in the rejected claim(s). Although the 
claims are interpreted in light of the specification, limitations from the specification are 
not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. 
Cir. 1993). 

Claim Rejections - 35 USC §112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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5. Claims 1, 12, 23 and 34 recites the limitation "said authentication token" in line 3. 
There is insufficient antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

7. Claims 1-34 and 42-50 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Stoltz et al. United States Letter Patent Number 6,615,264. 

As per claims 1 and 23: 

Stoltz teaches a method and a computer program for accessing a session 
comprising: 

converting a first token of one or more tokens assigned to a user to an 
authenticated token; (Col. 3, lines 12-17; Col. 7, lines 61-65; Col. 9, lines 18-40; Col. 10, 
lines 30-35) 

associating said user with said session using said authenticated token; and (Col. 
7, lines 61-67; Col. 8; lines 1-2; a user may access a system by initiating a login or other 
authentication mechanism ... a user may be associated with a particular session) 
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presenting said authenticated token to access said session from a first terminal, 
wherein each token of the one or more tokens assigned to said user can be 
implemented to authenticate said user, and further wherein said authenticated token 
can be created by each token of the one or more tokens assigned to said user. (Col. 7, 
lines 61-Col. 8, lines 1-6; Col. 8, lines 35-39; Col. 9, lines 39-40; Col. 10, lines 13-15 
lines 35-37; Col. 11, lines 19-22) Col. 8, lines 8-9; Col. 9, lines 19-45) 
As per claims 2 and 24: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz . 
further discloses a method and a computer program comprising: 

converting a second token of the one or more tokens assigned to said user to 
said authenticated token, said second token being implemented to authenticate said 
user; (Col. 9, lines 27-34) and presenting said authenticated token to access said 
session from a second terminal. (Col. 6, lines 16-20; Col. 8, lines 1-2; Col. 9, lines 48- 
50; Col. 11, lines 31-40; the user can log back in using a network terminal such as 
network terminal 202, connect to session and interact with the services ... there can be 
multiple instances of network terminal 202; Col. 13, lines 58; multiple session can be 
associated with a user) 
As per claims 3 and 14: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a method and a system comprising: 

sending a session disconnect signal to said first terminal; (Col. 15, lines 57-58; 
when disconnect message is received, session manager sends a disconnect message 
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to each one of the services directing them to terminate sending I/O to network terminal) 
and 

routing input and output for said session to said second terminal. (Col. 14, lines 
24-32; ...user is connected to network terminal ...direct input/output to network terminal) 
As per claims 8, 9, 19, 45, 46 and 50: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a method, a system and a computer program wherein said biometric 
identifier is a finger print pattern or a retinal image. (Col. 3, lines 15-16; Col. 8, lines 37- 
38; Col. 10, lines 57-58; Col. 16, lines 53-54) 
As per claim 1 1 : 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a method wherein said session is identified by said authenticated 
token. (Col. 10, lines 35-39; Col. 11, lines 65-67; Col. 12, lines 1-30) 
As per claim 12: 

Stoltz teaches a session accessing system comprising: 
an associating unit configured to associate a user with a session using an 
authenticated token created using an initial token assigned to said user, (Col. 7, lines 
61-67; Col. 8; lines 1-2; a user may access a system by initiating ^ login or other 
authentication mechanism ... a user may be associated with a particular session) said 
associating unit including, 
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a converting unit configured to convert said initial token to said authenticated 
token; (Col. 3, lines 12-17; Col. 7, lines 61-65; Col. 9, lines 18-40; Col. 10, lines 30-35) 
and 

a first presenting unit configured to present said authenticated token to access 
said session form a first terminal. (Col. 7, lines 61-Col. 8, lines 1-6; Col. 8, lines 35-39; 
Col. 9, lines 39-40; Col. 10, lines 13-15 lines 35-37; Col. 11, lines 19-22) 
As per claim 13: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a system comprising: 

a second presenting unit configured to present said authenticated token to 
access said session from a second terminal while said session is still being accessed 
from said first terminal. (Col. 6, lines. 16-20; Col. 8, lines 1-2; Col. 9, lines 48-50; Col. 11, 
lines 31-40; Col. 13, lines 58) 
As per claim 15: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a system wherein said step of associating unit further comprises: 

authenticating an identity of said user implementing said initial token. (Col. 3, 
lines 12-17; Col. 7, lines 61-65) 
As per claims 16, 43 and 49: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a method, a system and a computer program wherein said step of 
authenticating comprises: 
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obtaining said first token, said first token being a physical token, a passphrase or 
a biometric identifier assigned to said user. (Col. 3, lines 15-16; using smart card, using 
login and password, using biometric data, etc.) 
As per claim 25: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a computer program comprising: 

computer readable code configured to cause one or more computers to send a 
session disconnect signal to said first terminal; (Col. 15, lines 57-58; when disconnect 
message is received, session manager sends a disconnect message to each one of the 
services directing them to terminate sending I/O to network terminal) and 

computer readable code configured to cause said one or more computers to 
route input and output for said session to said second terminal. (Col. 14, lines 24-32; 
...user is connected to network terminal ...direct input/output to network terminal) 
As per claim 34: 

Stoltz teaches a method of accessing a session comprising: 

authenticating an identity of a user implementing a first token of one or more 
tokens assigned to said user; (Col. 3, lines 12-17; Col. 7, lines 61-65) 

converting said first token of one or more tokens to an. authenticated token; (Col. 
3, lines 12-17; Col. 7, lines 61-65; Col. 9, lines 18-40; Col. 10, lines 30-35) 

associating said user with said session using said authenticated token; (Col. 7, 
lines 61-67; Col. 8; lines 1-2; a user may access a system by initiating a login or other 
authentication mechanism ... a user may be associated with a particular session) and 
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presenting said authenticated token to access said session from a first terminal, 
(Col. 8, lines 35-39; Col. 9, lines 39-40; Col. 10, lines 13-15 lines 35-37; Col. 11, lines 
19-22) 

wherein said authenticated token can be created using each token of the one or 
more tokens. (Col. 3, lines 12-17; Col. 7, lines 61-65; Col. 9, lines 18-40; Col. 10, lines 
30-35) 

As per claims 42 and 47: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses wherein said first token is the same as said second token or said first 
token is different from said second token. (Abstract; Col. 7, lines 61-64; Col. 8, lines 8-9; 
Col. 9, lines 19-45) 
As per claim 44: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a method wherein said step of authenticating comprises: 

obtaining said second token, said second token being a physical token, a 
passphrase or a biometric identifier assigned to said user. (Col. 3, lines 15-16; using 
smart card, using login and password, using biometric data, etc.) 
As per claim 48: 

Stoltz teaches all the subject matter as discussed above. In addition, Stoltz 
further discloses a computer program further comprising: 

Computer readable code configured to cause said one or more computer to 
authenticate an identity of said user implementing each token of the one or more 
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tokens, (Col. 3, lines 12-17; Col. 7, lines 61-65; Col. 9, lines 17-40) said computer 
readable code including, 

computer readable code configured to cause said one or more computers to 
obtain said first token of said one or more tokens, and computer readable code 
configured to cause said one or more computers to obtain second token. (Col. 3, lines 
15-16; using smart card, using login and password, using biometric data, etc.; Col. 9, 
lines 17-40) 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 1, 12, 23 and 34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Aditham et al. (hereinafter Aditham) U.S. Patent 5,706,349 in view of 
Wu et al. U.S. Patent Number 5,774,551, 

As per claims 1 , 1 2, 23 and 34: 

Aditham teaches a method and a computer program for accessing a session 
comprising: 

converting a first token tokens assigned to a user to an authenticated token, said 
authentication token incorporating a user identity and having content from said first 
token; (Col. 2, lines 8-14) 
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associating said user with said session using said authenticated token; and (Col. 
2, lines 13-16) 

presenting said authenticated token to access said session from a first terminal, 
(Col. 2, lines 16-30) 

Aditham does not explicitly disclose wherein each token of the one or more 
tokens assigned to said user can be implemented to authenticate said user, and further 
wherein said authenticated token can be created by each token of the one or more 
tokens assigned to said user. 

Wu in analogous art, however, discloses wherein each token of the one or more 
tokens assigned to said user can be implemented to authenticate said user, and further 
wherein said authenticated token can be created by each token of the one or more 
tokens assigned to said user. (Col. 15, line 54-Col. 16 line 39) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Aditham to 
include wherein each token of the one or more tokens assigned to said user can be 
implemented to authenticate said user, and further wherein said authenticated token 
can be created by each token of the one or more tokens assigned to said user. This 
modification would have been obvious because a person having ordinary skill in the art 
would have been motivated to do so, as suggested by, Wu (Col. 15, lines 54-58) in 
order to provide an authentication system that provides different types of authentication 
schemes for establishing and verifying an identity of the user attempting to access a 
computer system. 
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Allowable subject matter 

10. Claim 35 is objected to as being dependent upon a rejected base claim but would 
be allowable if rewritten independent from including all of the limitation of the base claim 
and any intervening claims. The claimed invention comprises authenticating identity of 
user by implementing a second token of one or more tokens assigned to the user, 
presenting the authenticated token to access said session from second terminal while 
the session is still being accessed from said first terminal which is not covered by the 
prior art. 

Claims 36-41 , which are directly or indirectly dependents of claim 35 are also 
objected. 

Conclusion 

1 1 . The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See Form PTO-892. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shewaye Gelagay whose telephone number is 571-272- 
4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Shewaye Gelagay 

3/24/06 ^ 




